/*
package com.httpdemo.http_teaching_server.controller;


import com.httpdemo.http_teaching_server.model.Product;
import com.httpdemo.http_teaching_server.repository.ProductRepository;
import org.springframework.web.bind.annotation.*;

@RestController
@RequestMapping("/product")
public class ProductController {
    private final ProductRepository repo;

    public ProductController(ProductRepository repo) {
        this.repo = repo;
    }

    @GetMapping("/{id}")
    public Product one(@PathVariable Long id) {
        return repo.findById(id).orElseThrow();
    }
}

 */
package com.httpdemo.http_teaching_server.controller;

import com.httpdemo.http_teaching_server.config.JwtConfig;
import com.httpdemo.http_teaching_server.model.Product;
import com.httpdemo.http_teaching_server.repository.ProductRepository;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.security.Keys;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;
import io.jsonwebtoken.SignatureAlgorithm;


import java.security.Key;
import java.util.List;
import java.util.Map;
import java.lang.reflect.Field;
import org.springframework.util.ReflectionUtils;

@RestController
@RequestMapping("/products")
public class ProductController {

    @Autowired
    private ProductRepository productRepository;


    private void verifyJwt(String token) {
        Jwts.parserBuilder()
                .setSigningKey(JwtConfig.KEY)
                .build()
                .parseClaimsJws(token);
    }

    @GetMapping
    public List<Product> listProducts(@RequestHeader("Authorization") String auth) {
        String token = auth.substring(7); // Bearer xxx
        verifyJwt(token);
        return productRepository.findAll();
    }

    @PostMapping
    public Product addProduct(@RequestBody Product product, @RequestHeader("Authorization") String auth) {
        String token = auth.substring(7); // Bearer xxx
        verifyJwt(token);
        return productRepository.save(product);
    }

    @PutMapping("/{id}")
    public Product updateProduct(@PathVariable Long id, @RequestBody Product product, @RequestHeader("Authorization") String auth) {
        String token = auth.substring(7); // Bearer xxx
        verifyJwt(token);
        product.setId(id);
        return productRepository.save(product);
    }

    @DeleteMapping("/{id}")
    public void deleteProduct(@PathVariable Long id, @RequestHeader("Authorization") String auth) {
        String token = auth.substring(7); // Bearer xxx
        verifyJwt(token);
        productRepository.deleteById(id);
    }

    @PatchMapping("/{id}")
    public Product patchProduct(@PathVariable Long id, @RequestBody Map<String, Object> updates, @RequestHeader("Authorization") String auth) {
        String token = auth.substring(7); // Bearer xxx
        verifyJwt(token);
        Product product = productRepository.findById(id).orElseThrow();
        updates.forEach((key, value) -> {
            Field field = ReflectionUtils.findField(Product.class, key);
            ReflectionUtils.makeAccessible(field);
            ReflectionUtils.setField(field, product, value);
        });
        return productRepository.save(product);
    }
}